Job Requirements
Falls Church, VA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description
Everforth ECS is seeking a Cybersecurity Engineer to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax . Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
The Cybersecurity Engineer implements and sustains the security architecture, monitoring capabilities, and compliance posture that protect WDP Core Integration operations across all classification tiers. This role is embedded across WDP's DevSecOps delivery lifecycle, ensuring that cybersecurity is engineered into every platform layer - from identity and access management to cross-domain boundary protections - rather than applied after deployment.
• Implements cybersecurity architecture, defensive monitoring capabilities, and enclave-specific protections supporting War Data Platform (WDP) Core Integration operations across Unclassified, Secret, and Top Secret domains powering mission execution for Combatant Commands, Joint Staff elements, and strategic decision makers.
• Deploys and configures NIST SP 800-53 security controls, identity and access management services, continuous monitoring sensors, Zero Trust enforcement mechanisms, and cross-domain cybersecurity components consistent with DoW cybersecurity directives and CDAO governance.
• Conducts recurring vulnerability assessments, penetration-test follow-up activities, and automated scanning operations using platforms such as Nessus, ACAS, Splunk Enterprise Security, Elastic Security, and cloud-native threat-detection tools to identify, analyze, and remediate configuration weaknesses across WDP Core Integration cloud, data, and application ecosystems.
• Supports incident response operations by performing log analysis, event correlation, triage actions, and threat-hunting tasks within multi-classification environments, producing technical findings, mitigation actions, and post-incident reports for enterprise leadership.
• Develops and maintains cybersecurity documentation, Body-of-Evidence artifacts, system security plans, standard operating procedures, and RMF compliance updates required for Authorizing Official review.
• Collaborates with DevSecOps, infrastructure, and platform engineering teams to integrate secure coding practices, encryption configurations, automated guardrails, and enclave boundary protections.
• Strengthens operational resilience by monitoring emergent threats, validating countermeasures, and contributing technical recommendations that advance WDP Core Integration cybersecurity maturity and mission readiness.
• Performs other duties as assigned.
Required Skills
• Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI).
• A minimum of 3 years of experience in cybersecurity engineering, security operations, or a closely related discipline within a federal, defense, or government contracting environment, with demonstrated proficiency implementing NIST SP 800-53 security controls, Zero Trust enforcement mechanisms, and continuous monitoring capabilities across multi-enclave cloud and application environments.
• Active IAT Level III certification, satisfied by one of the following: CompTIA CASP+ CE, ISC² CISSP (or Associate), GIAC GCED, GIAC GCIH, or Cisco CCNP Security.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Desired Skills
• Active Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility.
• Hands-on experience conducting vulnerability assessments and automated scanning operations using enterprise security tools such as Nessus, ACAS, Splunk Enterprise Security, or Elastic Security, including demonstrated ability to analyze findings, prioritize remediation actions, and produce structured technical reports supporting RMF Body-of-Evidence and authorization package requirements across Unclassified, Secret, and Top Secret environments.
• Familiarity with the DoW RMF lifecycle - as defined by DoWI 8500, DoWI 8510.01, and NIST SP 800-53 - and the transition toward the Cybersecurity and Risk Management Continuum (CSRMC), including experience managing system security plans, Plans of Action and Milestones, and continuous monitoring activities in support of Authorization to Operate decisions across IL2, IL5, IL6, and JWICS environments.
• Experience integrating cybersecurity engineering activities into DevSecOps pipelines, including the implementation of automated security guardrails, static analysis tooling, secret scanning, artifact validation, and enclave boundary protection mechanisms within CI/CD workflows supporting classified and unclassified government platform delivery.
• Familiarity with Identity, Credential, and Access Management (ICAM) technologies - including Attribute-Based Access Control (ABAC), Privileged Access Management (PAM), and Zero Trust architecture enforcement - as applied to securing enterprise AI, data, and analytics platforms operating across multi-classification DoW mission environments.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
Everforth ECS is seeking a Cybersecurity Engineer to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax . Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
The Cybersecurity Engineer implements and sustains the security architecture, monitoring capabilities, and compliance posture that protect WDP Core Integration operations across all classification tiers. This role is embedded across WDP's DevSecOps delivery lifecycle, ensuring that cybersecurity is engineered into every platform layer - from identity and access management to cross-domain boundary protections - rather than applied after deployment.
• Implements cybersecurity architecture, defensive monitoring capabilities, and enclave-specific protections supporting War Data Platform (WDP) Core Integration operations across Unclassified, Secret, and Top Secret domains powering mission execution for Combatant Commands, Joint Staff elements, and strategic decision makers.
• Deploys and configures NIST SP 800-53 security controls, identity and access management services, continuous monitoring sensors, Zero Trust enforcement mechanisms, and cross-domain cybersecurity components consistent with DoW cybersecurity directives and CDAO governance.
• Conducts recurring vulnerability assessments, penetration-test follow-up activities, and automated scanning operations using platforms such as Nessus, ACAS, Splunk Enterprise Security, Elastic Security, and cloud-native threat-detection tools to identify, analyze, and remediate configuration weaknesses across WDP Core Integration cloud, data, and application ecosystems.
• Supports incident response operations by performing log analysis, event correlation, triage actions, and threat-hunting tasks within multi-classification environments, producing technical findings, mitigation actions, and post-incident reports for enterprise leadership.
• Develops and maintains cybersecurity documentation, Body-of-Evidence artifacts, system security plans, standard operating procedures, and RMF compliance updates required for Authorizing Official review.
• Collaborates with DevSecOps, infrastructure, and platform engineering teams to integrate secure coding practices, encryption configurations, automated guardrails, and enclave boundary protections.
• Strengthens operational resilience by monitoring emergent threats, validating countermeasures, and contributing technical recommendations that advance WDP Core Integration cybersecurity maturity and mission readiness.
• Performs other duties as assigned.
Required Skills
• Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI).
• A minimum of 3 years of experience in cybersecurity engineering, security operations, or a closely related discipline within a federal, defense, or government contracting environment, with demonstrated proficiency implementing NIST SP 800-53 security controls, Zero Trust enforcement mechanisms, and continuous monitoring capabilities across multi-enclave cloud and application environments.
• Active IAT Level III certification, satisfied by one of the following: CompTIA CASP+ CE, ISC² CISSP (or Associate), GIAC GCED, GIAC GCIH, or Cisco CCNP Security.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Desired Skills
• Active Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility.
• Hands-on experience conducting vulnerability assessments and automated scanning operations using enterprise security tools such as Nessus, ACAS, Splunk Enterprise Security, or Elastic Security, including demonstrated ability to analyze findings, prioritize remediation actions, and produce structured technical reports supporting RMF Body-of-Evidence and authorization package requirements across Unclassified, Secret, and Top Secret environments.
• Familiarity with the DoW RMF lifecycle - as defined by DoWI 8500, DoWI 8510.01, and NIST SP 800-53 - and the transition toward the Cybersecurity and Risk Management Continuum (CSRMC), including experience managing system security plans, Plans of Action and Milestones, and continuous monitoring activities in support of Authorization to Operate decisions across IL2, IL5, IL6, and JWICS environments.
• Experience integrating cybersecurity engineering activities into DevSecOps pipelines, including the implementation of automated security guardrails, static analysis tooling, secret scanning, artifact validation, and enclave boundary protection mechanisms within CI/CD workflows supporting classified and unclassified government platform delivery.
• Familiarity with Identity, Credential, and Access Management (ICAM) technologies - including Attribute-Based Access Control (ABAC), Privileged Access Management (PAM), and Zero Trust architecture enforcement - as applied to securing enterprise AI, data, and analytics platforms operating across multi-classification DoW mission environments.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A